Home > Quick > Body

ESMA Launches EU Review of Crypto Custodians’ Operational Resilience Under MiCA

clock
2026-07-10 14:06:27
The European Securities and Markets Authority (ESMA) has launched a Common Supervisory Action (CSA) to examine the operational resilience of crypto asset service providers (CASPs), with custody services at the center of the review. According to Cointelegraph, the initiative follows the expiry of MiCA’s transitional period and is among the first major supervisory exercises under the European Union’s Markets in Crypto-Assets Regulation (MiCA) framework. ESMA said the CSA will apply to a sample of MiCA-authorized CASPs and will assess the maturity of their digital operational resilience frameworks for custody activities, including key and storage management, transaction controls, incident response, and dependencies on third-party providers.

Industry participants said the move signals a shift from authorization toward proving day-to-day robustness. Sebastien Dessimoz, co-founder and managing partner at digital asset infrastructure firm Taurus, said a MiCA license should be viewed as a starting point rather than an endpoint, adding that the expected change is from “asserting security to evidencing it.” He described the development as a natural step as digital assets become more embedded in regulated financial infrastructure and face expectations similar to traditional markets for security, accountability, and resilience. Jody Mettler, chief operating officer of BitGo and president of BitGo Trust, said institutional clients have been asking more detailed questions about asset segregation, access controls, incident response, and business continuity during periods of market stress, and she said regulators are increasingly focused on operational standards beyond licensing.

Other executives framed the CSA as a competitive differentiator as oversight tightens. Markus Levin, co-founder of blockchain infrastructure company XYO, said obtaining MiCA authorization and demonstrating operational resilience are “two different tests,” and suggested that CASPs able to show robust controls before the review concludes could be better positioned as institutional adoption grows. Yuriy Brisov, a lawyer at Digital & Analogue Partners, said the review sits at the intersection of MiCA custody obligations and the Digital Operational Resilience Act (DORA), which sets technology risk requirements for financial firms. He said custody technology is concentrated among a limited number of vendors, meaning weaknesses in a single supplier could affect multiple firms, and argued that proving resilience across the supply chain under both MiCA and DORA is a key challenge. Brisov added that the CSA’s findings could influence how regulators benchmark MiCA-authorized custodians and feed into debates on reviewing MiCA and potentially shifting supervision of all CASPs from national regulators to ESMA.
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
New Tab Page - Desk3 | Plugin
Stay ahead of the game in the cryptocurrency space.